Bug#872379: chkrootkit hangs when egrepping files in /dev in lxc containers
Package: chkrootkit
Version: 0.50-4+b2
Severity: normal

lxc bind-mounts pts devices over files in /dev when starting a container,
but "find" ignores bind mounts when evaluating file types.

Therefore, a bind-mounted device like this:

  $ ls -l /dev/console
  c--x--x--x 1 root tty 136, 1 Aug 16 15:53 /dev/console

still shows up when running "find" to look for regular files:

  $ find /dev -type f
  /dev/console

Because of this behaviour, the chkrootkit command:

  files=`${find} ${ROOTDIR}dev -type f -exec ${egrep} -l "^[0-5] " {} \;`

ends up hanging while trying to egrep /dev/console.

This can be avoided by adding an -fstype argument to the find command:

  files=`${find} ${ROOTDIR}dev -type f ! -fstype devpts -exec ${egrep} -l "^[0-5] " {} \;`

-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (990, 'stable'), (500, 'proposed-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.utf8, LC_CTYPE=en_CA.utf8 (charmap=UTF-8), LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
Versions of packages chkrootkit depends on:
ii binutils 2.28-5
ii debconf [debconf-2.0] 1.5.61
ii libc6 2.24-11+deb9u1
ii net-tools 1.60+git20161116.90da8a0-1
ii openssh-client 1:7.4p1-10+deb9u1
ii procps 2:3.3.12-3
chkrootkit recommends no packages.
chkrootkit suggests no packages.
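
Added example (not part of the original report and not chkrootkit's own code): a hardened form of the /dev scan quoted above, combining the proposed -fstype filter with a stat-based re-check and a per-file time limit. The function name scan_dev and the 5-second limit are assumptions.

```shell
#!/bin/sh
# scan_dev DIR
# Prints every regular file under DIR that contains a line matching
# "^[0-5] " (the pattern used in the command quoted in the report).
scan_dev() {
    # 1. "! -fstype devpts" is the filter proposed in the report: it drops
    #    entries that live on a devpts mount (requires a find with -fstype,
    #    e.g. GNU findutils).
    # 2. "[ -f ]" stats the path itself, so an entry that ls shows as a
    #    character device is skipped even if find listed it as a file.
    # 3. "timeout 5" (assumed limit) bounds each read, so one blocking
    #    file cannot stall the whole scan.
    # Passing names with "-exec ... {} +" keeps odd file names intact.
    find "$1" -type f ! -fstype devpts -exec sh -c '
        for f do
            if [ -f "$f" ]; then
                timeout 5 grep -E -l "^[0-5] " "$f" </dev/null || :
            fi
        done
    ' sh {} +
}

# Stand-alone use: pass the directory to scan, e.g. "${ROOTDIR}dev".
if [ "$#" -gt 0 ]; then
    scan_dev "$1"
fi
```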